Mozilla Firefox Multiple Vulnerabilities

Last Update Date: 25 Mar 2015 Release Date: 23 Mar 2015 3191 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Mozilla Firefox, which can be exploited by remote attackers to bypass certain security restrictions and compromise a user's system.

  1. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in processing SVG format content navigation and bypass same-origin policy to execute arbitrary scripts with elevated privileges.
  2. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a heap overflow in the JavaScript just-in-time compilation (JIT) engine and execute arbitrary code on the target system.

Impact

  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Mozilla Firefox version prior to 36.0.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
  • Update to version 36.0.4, ESR 31.5.3

Vulnerability Identifier

Source

Related Link

Share with

Previous

PHP Multiple Remote Code Execution Vulnerabilities

20 Mar 2015 3174 Views

Next

Cisco IOS Autonomic Networking Infrastructure Overwrite Vulnerability

24 Mar 2015 3137 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY